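#!/bin/bash
#
# Fetch the TLS certificate of each Proxmox node over SSH, install it into the
# system CA directory, refresh the trust store and restart Caddy.
#
# Security notes:
#   * Everything copied into /usr/local/share/ca-certificates becomes a system
#     trust anchor, so the staging directory must not be writable or
#     pre-creatable by other local users. A private mktemp directory is used
#     instead of a fixed, predictable path under /tmp.
#   * The fetched file is only as trustworthy as the SSH session it came over;
#     keep SSH host key checking enabled for these hosts.
#   * The script aborts on the first failure, so the trust store and Caddy are
#     not touched after a partial or failed fetch.

set -euo pipefail

# List of Proxmox nodes: "hostname_or_ip label"
NODES=(
  "10.0.2.20 proxmox1"
  "10.0.2.21 proxmox2"
)

readonly REMOTE_CERT="/etc/pve/local/pve-ssl.pem"
readonly CA_DIR="/usr/local/share/ca-certificates"

# Private staging directory (mode 0700, unpredictable name).
TMP_DIR=$(mktemp -d "${TMPDIR:-/tmp}/proxmox_certs.XXXXXX") || {
  echo "Failed to create temporary directory" >&2
  exit 1
}

# Remove the staging directory on every exit path, including failures.
cleanup() {
  rm -rf -- "${TMP_DIR:?}"
}
trap cleanup EXIT

echo "Fetching and installing Proxmox certificates..."
for NODE in "${NODES[@]}"; do
  read -r HOST LABEL <<< "$NODE"
  if [[ -z "$HOST" || -z "$LABEL" ]]; then
    echo "Malformed node entry: '$NODE' (expected \"host label\")" >&2
    exit 1
  fi

  echo "🔐 Connecting to $LABEL ($HOST)..."
  CERT_FILE="$TMP_DIR/$LABEL.crt"

  # Fetch cert
  scp "root@${HOST}:${REMOTE_CERT}" "$CERT_FILE"

  # Refuse to add anything that does not parse as an X.509 certificate, and
  # print its fingerprint so it can be compared against the node out-of-band.
  if command -v openssl >/dev/null 2>&1; then
    if ! openssl x509 -in "$CERT_FILE" -noout -fingerprint -sha256; then
      echo "File fetched from $LABEL ($HOST) is not a valid certificate" >&2
      exit 1
    fi
  else
    echo "openssl not found; installing $LABEL certificate without validation" >&2
  fi

  # Move to system CA directory (root-owned, world-readable, not writable).
  sudo install -m 0644 -- "$CERT_FILE" "$CA_DIR/$LABEL.crt"
done

echo "🧼 Cleaning up temp files..."
cleanup

echo "🔄 Updating system trust store..."
sudo update-ca-certificates

echo "🔁 Restarting Caddy..."
sudo systemctl restart caddy

echo "✅ Done. Certificates from Proxmox nodes are now trusted."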